Skip to content

Comments

Bump the maven-dependencies group with 2 updates#215

Merged
smcvb merged 1 commit intomasterfrom
dependabot/maven/maven-dependencies-2af7ba59f8
Jul 28, 2025
Merged

Bump the maven-dependencies group with 2 updates#215
smcvb merged 1 commit intomasterfrom
dependabot/maven/maven-dependencies-2af7ba59f8

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Jul 27, 2025

Bumps the maven-dependencies group with 2 updates: org.springframework.boot:spring-boot-starter-parent and org.axonframework:axon-bom.

Updates org.springframework.boot:spring-boot-starter-parent from 3.5.3 to 3.5.4

Release notes

Sourced from org.springframework.boot:spring-boot-starter-parent's releases.

v3.5.4

🐞 Bug Fixes

  • LambdaSafe.withFilter is not public #46474
  • Executable JAR application class encounters performance issues when used with Palo Alto Network Cortex XDR agent #46402
  • Runtime dependencies are missing from aotCompileClasspath and aotTestCompileClasspath when using Kotlin #46398
  • Additional fields for structured JSON logging incompatible with nested ecs logging in 3.5.x #46351
  • Change in DefaultErrorAttributes alters the shape of API validation error responses #46260
  • jdbc.connections.active and jdbc.connections.idle metrics are not available when using Hikari in a native image #46225
  • developmentOnly and testAndDevelopmentOnly dependencies may prevent implementation dependencies from being included in the uber-jar #46205
  • Hash calculation for uber archive entries that require unpacking is inefficient #46203
  • Permissions are applied inconsistently when building uber archives with Gradle #46194
  • Environment variables using legacy dash format can no longer be bound #46184
  • EmbeddedWebServerFactoryCustomizerAutoConfiguration fails when undertow-core is on the classpath and undertow-servlet is not #46180
  • Executable JAR application class encounters performance issues #46177
  • Executable JAR application class encounters performance issues #46176
  • Setting spring.reactor.context-propagation has no effect when lazy initialization is enabled #46174
  • Setting spring.netty.leak-detection has no effect when lazy initialization is enabled #46170
  • SslInfo does not use its Clock when checking certificate validity #46011

📔 Documentation

  • Fix description of spring.batch.job.enabled #46247
  • Fix broken Kotlin examples in reference documentation #46168
  • Add Logback Access Reactor Netty to community starters #46060

🔨 Dependency Upgrades

  • Upgrade to ActiveMQ 6.1.7 #46373
  • Upgrade to Caffeine 3.2.2 #46432
  • Upgrade to Couchbase Client 3.8.2 #46460
  • Upgrade to GraphQL Java 24.1 #46395
  • Upgrade to Groovy 4.0.28 #46516
  • Upgrade to Hibernate 6.6.22.Final #46492
  • Upgrade to HikariCP 6.3.1 #46493
  • Upgrade to Infinispan 15.2.5.Final #46461
  • Upgrade to Jackson Bom 2.19.2 #46494
  • Upgrade to Jetty 12.0.23 #46375
  • Upgrade to MariaDB 3.5.4 #46376
  • Upgrade to Maven Invoker Plugin 3.9.1 #46377
  • Upgrade to Micrometer 1.15.2 #46280
  • Upgrade to Micrometer Tracing 1.5.2 #46281
  • Upgrade to MSSQL JDBC 12.10.1.jre11 #46378
  • Upgrade to MySQL 9.3.0 #46371
  • Upgrade to Neo4j Java Driver 5.28.9 #46434
  • Upgrade to Netty 4.1.123.Final #46435
  • Upgrade to Prometheus Client 1.3.10 #46379
  • Upgrade to Reactor Bom 2024.0.8 #46282
  • Upgrade to RxJava3 3.1.11 #46380
  • Upgrade to Spring AMQP 3.2.6 #46283

... (truncated)

Commits
  • 925f9bc Release v3.5.4
  • d82fb35 Merge branch '3.4.x' into 3.5.x
  • 4b6064f Next development version (v3.4.9-SNAPSHOT)
  • a39c8f0 Merge branch '3.4.x' into 3.5.x
  • 99d53de Upgrade to Spring Integration 6.5.1
  • 1b4aad5 Upgrade to Groovy 4.0.28
  • 3f0f79b Upgrade to Spring Integration 6.4.6
  • ff8443c Upgrade to Groovy 4.0.28
  • aed8550 Merge branch '3.4.x' into 3.5.x
  • 5406976 Apply commercial input consistently
  • Additional commits viewable in compare view

Updates org.axonframework:axon-bom from 4.11.3 to 4.11.4

Release notes

Sourced from org.axonframework:axon-bom's releases.

Axon Bill of Materials v4.11.4

🛠️ Dependency Upgrade

  • Upgrade Axon Framework to 4.11.3 #204

❤️ Contributors

We'd like to thank all the contributors who worked on this release!

Commits
  • 2b452f0 [maven-release-plugin] prepare release axon-4.11.4
  • e8184b8 Merge pull request #204 from AxonFramework/dependency-upgrade/axon-4.11.3
  • e0ec278 Upgrade Axon Framework to 4.11.3
  • 5956e05 Set server identifier to central
  • 85a84f8 Trigger change to validate snapshot process
  • d4a7ea5 Adjust deploy and publish process
  • 00999b8 Replace Gerard and Milen for Mateusz
  • 639aedb Replace reviewers for CODEOWNERS
  • 6764017 Set milestone to 4.11.4
  • ea7afbb [maven-release-plugin] prepare for next development iteration
  • See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
Bump the maven-dependencies group with 2 updates
1990be3 
Bumps the maven-dependencies group with 2 updates: [org.springframework.boot:spring-boot-starter-parent](https://github.com/spring-projects/spring-boot) and [org.axonframework:axon-bom](https://github.com/AxonFramework/axon-bom).


Updates `org.springframework.boot:spring-boot-starter-parent` from 3.5.3 to 3.5.4
- [Release notes](https://github.com/spring-projects/spring-boot/releases)
- [Commits](spring-projects/spring-boot@v3.5.3...v3.5.4)

Updates `org.axonframework:axon-bom` from 4.11.3 to 4.11.4
- [Release notes](https://github.com/AxonFramework/axon-bom/releases)
- [Commits](AxonFramework/axon-bom@axon-4.11.3...axon-4.11.4)

---
updated-dependencies:
- dependency-name: org.springframework.boot:spring-boot-starter-parent
  dependency-version: 3.5.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: maven-dependencies
- dependency-name: org.axonframework:axon-bom
  dependency-version: 4.11.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: maven-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added this to the Release 4.11 milestone Jul 27, 2025
@dependabot dependabot bot requested a review from a team as a code owner July 27, 2025 02:50
@dependabot dependabot bot requested review from CodeDrivenMitch, abuijze and smcvb and removed request for a team July 27, 2025 02:50
@smcvb smcvb self-assigned this Jul 28, 2025
@smcvb smcvb modified the milestones: Release 4.11, Release 4.12 Jul 28, 2025
smcvb
smcvb approved these changes Jul 28, 2025
View reviewed changes
Copy link
Member

@smcvb smcvb left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good to me 👍

@smcvb smcvb modified the milestones: Release 4.12, Release 4.11 Jul 28, 2025
@smcvb smcvb merged commit 8970e75 into master Jul 28, 2025
4 checks passed
@dependabot dependabot bot deleted the dependabot/maven/maven-dependencies-2af7ba59f8 branch July 28, 2025 12:23
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@smcvb smcvb smcvb approved these changes

@abuijze abuijze Awaiting requested review from abuijze abuijze was automatically assigned from AxonFramework/framework-developers

@CodeDrivenMitch CodeDrivenMitch Awaiting requested review from CodeDrivenMitch CodeDrivenMitch was automatically assigned from AxonFramework/framework-developers

Assignees

@smcvb smcvb

Labels

Priority 1: Must Type: Dependency Upgrade

Projects

None yet

Milestone

Release 4.11

Development

Successfully merging this pull request may close these issues.

1 participant

@smcvb